I am the Global Head of Security Research for Sophos, one of the world’s largest security companies, trying to defend against malicious code. I’m also a Certified Instructor and Director, EMEA for the SANS Institute where I teach a variety of subjects including incident handling and ethical hacking. For the past 10 years I’ve researched malware, hacking and cryptography. I’ve worked with many of the world’s largest and most paranoid organizations to help define security strategy. I often appear on TV ranting about security, have delivered a TED talk and am a frequent speaker at conferences worldwide. These days I am also very keen on developing the next generation of security talent. I've done some work I'm really proud of and some stupid things. I will share my experiences and save others the trouble. Geek at heart.

International law enforcement agencies over the last few days have obliterated a cyber crime gang which deployed malicious code to turn on your webcam, listen to your microphone and steal your information. The gang were using a RAT (Remote Access Trojan) to gain access to computers and allow them to remotely monitor large numbers of individuals for various extortion purposes. The Blackshades RAT is ‘dual use’ technology in that it could (hypothetically, possibly, maybe, but really more than likely not) be used legitimately to access your home or work computer, but can also be used by criminals. In this instance the Blackshades RAT (historically available at bshades.eu, though the FBI took over this page some time ago) has been associated with a widespread campaign that infected hundreds of thousands of computers, putting it very much into the category of ‘extremely dodgy’. This is the same RAT that was infamously used to spy on Miss Teen USA (who resisted the cyber criminals’ demands and has spoken out about the dangers of such attacks since) amongst a long list of others.

The Blackshades RAT cost between $50 and $100, and while one of the authors, Michael Hogue, was arrested some time ago, it has continued to be distributed on the web. Much like most malicious code out there today, this particular gang combined Blackshades with drive-by downloads, enabling seamless and silent installation in the background whilst you browse the web if you weren’t running up-to-date security software and had not patched your computer.

There were a large number of law enforcement agencies involved in the operation which led to over 90 arrests from countries all over the world (with a heavy leaning to Europe). The sad reality is that it is tough to catch cyber criminals and arrests like this have been scarce. The Internet can have a heavy bias towards anonymity if used correctly and whilst that can be good it can also make life for law enforcement hunting down criminals rather tough.

Over the past few years cyber crime has spread to whole new levels, with in excess of 250,000 new pieces of malicious code being identified every day and endless cases in the news about data heists further highlighting how widespread the problem is. Despite this scale of operation there are a relatively small number of prosecutions. This has led to a growing industry of cyber crime featuring innovations like cloud-based cyber crime management services, DDoS (distributed denial of service) for hire and build-your-own botnets for very ‘reasonable’ prices. Not to be a downer on the good news, but there are of course countless other nasty RATs available for purchase in the cyber crime underground, which is why you should make sure you take steps to protect yourself.

Top Tips To Avoid RATs On Your Computer:

Keep your computer fully patched and up to date – particularly the operating system, the web browser and plug-ins like Java or Flash (better still, uninstall what you don’t need!).

Plan for the worst! Don’t keep a file called Passwords.xls with your sensitive information in it in your documents folder (I’m not kidding, I cannot tell you how many times I have seen this in my information security career).

Black out your webcam with a sticker. There are a large number of stylish stickers available which will cover the webcam on your computer and can be removed when you genuinely want to do a video conference or take a shocking selfie. They don’t leave marks and you can take them off as many times a day as you want – not a bad idea.

Keep an eye out for strange behaviour. RATs don’t have to interact with the computer screen directly. Data theft and recording can occur entirely in the background without your knowledge. That said, in many of these criminal campaigns it is quite common for the mouse to move like someone else is using your computer (they are). Keep an eye out for these activities and if it happens, disconnect your computer and seek advice.

Use web security. It isn’t just adult sites that infect your system with malware. Malicious code can be located everywhere on the web and might hit you when you least expect it on a legitimate site you visit every day. Endpoint or network-based web security can identify web pages that contain nasty code and prevent you from browsing to them – it is a helpful addition to reduce the chances of running into a drive-by download RAT.

It is excellent to see focus from international law enforcement on identifying and prosecuting those involved in these activities, particularly on such an internationally co-ordinated basis. Prosecutions like this send a real message to those involved in cyber crime and help keep innocent Internet users from being monitored, manipulated or their data ransomed. I for one can’t wait to see more.

You can find tips on how to identify if your computer is infected with Blackshades here and a free removal tool here [Disclosure: I work for Sophos].
